Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 12 Apr 2002 00:56:45 -0700 (PDT)
From:      Annelise Anderson <andrsn@andrsn.stanford.edu>
To:        Lord Raiden <raiden23@netzero.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Setting user execution rights
Message-ID:  <Pine.BSF.4.10.10204120055290.85434-100000@andrsn.stanford.edu>
In-Reply-To: <4.2.0.58.20020412014309.0095d460@pop.netzero.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, 12 Apr 2002, Lord Raiden wrote:

> 	Ok, I'm curious of something.  How do I set it so that a given user has 
> permission to execute program X and Y and look at a few files or logs on a 
> given server yet not to anything else?  I've got some servers I'm looking 
> to lock down but to do so means that I have to login as root each time I 
> need to do maintenance, and I hate being woke at 3am to bounce apache 
> because there was a power glitch or something or Ldap bit the dust.  I want 
> to set it so that certain users have rights to execute, kill, restart 
> certain programs, and view certain files without giving them any privileges 
> above and beyond that.  So for example user "joedoe" will be able to logon 
> as "joedoe" and start/kill/restart apache and view the apache logs, but 
> nothing else.  A task normally only available to root.  Joe Doe #2 would 
> have rights to do the same with FTPD and view/edit/delete web content under 
> "usr/local/www/data" and nothing more.
> 
> 	It's been so long since I've had to do this that I've gone stupid.  Can 
> someone refresh me on how to do this?  Thanks. 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

sudo (in ports) is one commonly used program (a substitute for su) to
give administrators access to some stuff and not other stuff.  You can
set it up for "who gets to do what."

	Annelise 

-- 
Annelise Anderson
Author of: 		 FreeBSD: An Open-Source Operating System for Your PC
Available from:	 BSDmall.com and amazon.com
Book Website:    http://www.bittreepress.com/FreeBSD/introbook/	




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10204120055290.85434-100000>